<?php

namespace app\admin\model;

use think\Model;

class AdminUserModel extends Model
{
    protected $name = 'admin_user';
    public $error;

    public function get_id()
    {
        if (!isset($_COOKIE['admin']) ) {
            return false;
        }
        if ($id = $this->decryptLoginToken($_COOKIE['admin'])) {
            return $id;
        }
        $this->delLoginToken();
        return false;
    }

    public function get_info($id = 0)
    {
        $id = $id ? $id : $this->get_id();
        if (!$id) {
            return false;
        }
        return $this->find($id);
    }

    public function login($user, $password)
    {
        if (empty($user) || empty($password)) {
            $this->error = "请输入用户名和密码";
            return false;
        }
        if ($id = $this->getIdByUsername($user)) {
            if ($this->checkPwd($id, $password)) {
                $this->setLoginToken($id);
                return true;
            }
        }
        $this->error = $this->error ?: "用户不存在";
        return false;


    }

    public function setLoginToken($id, $time = 0)
    {
        if (!$id) {
            $this->error = 'id错误';
            return false;
        }
        $root_host = urlToRootDomain($_SERVER['HTTP_HOST']);//获取根域

        if ($time == 0) {
            $token = $this->createLoginToken($id, $time + 3600 * 24);
        } else {
            $token = $this->createLoginToken($id, $time);
        }
        if ($token === false) {
            return false;
        }
        if ($time == 0) {
            setcookie("admin", $token, 0, '/', $root_host, null, true);//关闭浏览器过期
        } else {
            setcookie("admin", $token, time() + $time + 3600, '/', $root_host, null, true);
        }
        return true;
    }

    /**
     * 删除cookie loginToken
     */
    public function delLoginToken()
    {
        $root_host = urlToRootDomain($_SERVER['HTTP_HOST']);//获取根域
        setcookie("admin", '', time() - 3600, '/', $root_host, null, true);
        return true;
    }

    public function decryptLoginToken($token)
    {
        if (!$token) {
            return false;
        }
        $data = explode('|', $token);
        if (count($data) != 3) {
            return false;
        }
        list($id, $expiry_time, $token) = $data;
        if (!$id || !$expiry_time || $expiry_time < time() || !$token) {
            return false;
        }
        $os = get_os();
        $browser = get_browsername();
        $user_agent = $os . '-' . $browser;
        if ($token != md5($id . $expiry_time . $user_agent. 'mdzz')) {
            return false;
        }
        return $id;
    }

    public function createLoginToken($id, $time = 3600)
    {
        /* $member = Db::name('member')
             ->where('id', $id)
             //  ->where('status', 1)
             ->find();*/
        $expiry_time = time() + $time;
        $os = get_os();
        $browser = get_browsername();
        $user_agent = $os . '-' . $browser;
        $token = md5($id . $expiry_time . $user_agent. 'mdzz');
        $znn_token = $id . '|' . $expiry_time . '|' . $token ;
        return $znn_token;
    }


    //公钥解密 sshkey对
    public function pub_decrypt($data)
    {
        $result = '';
        $public_key = file_get_contents(APP_PATH . '/Certificate/public_key.pem');
        //$pub_key = openssl_pkey_get_public($public_key);
        $data = base64_decode($data);
        openssl_public_decrypt($data, $result, $public_key);//公钥解密
        return $result;
    }

    public function pri_encrypt($data)
    {
        $result = '';
        $private_key = file_get_contents(APP_PATH . '/Certificate/private_key.pem');
        // $pri_key = openssl_pkey_get_private($private_key);
        openssl_private_encrypt($data, $result, $private_key);//私钥加密
        $result = base64_encode($result);
        return $result;
    }

    public function getIdByUsername($username)
    {
        if (empty($username)) {
            return null;
        }
        return $this->where('username', $username)->value('id');
    }

    public function checkPwd($id, $password)
    {
        $pwd = $this->where('id', $id)->value('password');
        if ($pwd == null) {
            $this->error = "用户不存在";
            return false;
        }
        if (pwd_encrypt($password) == $pwd) {
            return true;
        } else {
            $this->error = "密码错误";
            return false;
        }
    }
}